Configuring routes and secure my serverless functions #3888

jam3sn · 2020-03-06T20:22:39Z

jam3sn
Mar 6, 2020

I'm playing around with the serverless functions with Go and having a little trouble with the configuration. I've created a route /api/v1/hello which serves a function from /api/hello.go in my project. Now this URL works great.

However, / shows the api directory, and I can also visit /api/hello. Further more, if I go to /api/hello.go I can download the hello.go file.

Now for / I can add a route that 404s, but is this the correct way? Then how do I prevent access to /api/hello and my source files like /api/hello.go?

Here's my now.json currently:

{
  "build": {
    "env": {
      "GO_BUILD_FLAGS": "-ldflags '-s -w'"
    }
  },
  "routes": [
    {
      "src": "/api/v1/hello",
      "methods": ["GET"],
      "dest": "/api/hello.go",
      "headers": { "Content-Type": "text/plain" }
    }
  ],
  "env": {
    "API_TOKEN": "@api-token"
  },
  "regions": ["lhr1"]
}

I'm sure I'm just missing something simple, so any help would be greatly appreciated 🙂

Answered by paulogdm

Mar 6, 2020

Hey @jam3sn , thanks for experimenting GitHub discussions on our repository!

First, let's start with a few relevant links:

Based on what you provided, I suggest the following:

{
  "build": {
    "env": {
      "GO_BUILD_FLAGS": "-ldflags '-s -w'"
    }
  },
  "rewrites": [
    { "source": "/api/v1/hello", "destination": "/api/hello.go" },
    { "source": "/(.*)", "destination": "/404.html" }
  ],
  "env": {
    "API_TOKEN": "@api-token"
  },
  "regions": ["lhr1"]
}

The first rewrite configuration will send the response from your API. I recommend that you set headers in the serverless f…

View full answer

paulogdm · 2020-03-06T23:43:36Z

paulogdm
Mar 6, 2020
Maintainer

Hey @jam3sn , thanks for experimenting GitHub discussions on our repository!

First, let's start with a few relevant links:

Based on what you provided, I suggest the following:

{
  "build": {
    "env": {
      "GO_BUILD_FLAGS": "-ldflags '-s -w'"
    }
  },
  "rewrites": [
    { "source": "/api/v1/hello", "destination": "/api/hello.go" },
    { "source": "/(.*)", "destination": "/404.html" }
  ],
  "env": {
    "API_TOKEN": "@api-token"
  },
  "regions": ["lhr1"]
}

The first rewrite configuration will send the response from your API. I recommend that you set headers in the serverless function itself instead of the route configuration.
The second one will make sure that every "miss" will go to a 404 page that you can upload as well.

Let me know how it goes.

1 reply

jam3sn Mar 8, 2020
Author

Hey @paulogdm , thanks for your reply, that worked a treat! The only thing I did need to change was destination to dest.

Thanks for your help, it's clarified how I should be configuring the routes for my serverless app!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Configuring routes and secure my serverless functions #3888

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Configuring routes and secure my serverless functions #3888

jam3sn Mar 6, 2020

Replies: 1 comment · 1 reply

paulogdm Mar 6, 2020 Maintainer

jam3sn Mar 8, 2020 Author

jam3sn
Mar 6, 2020

Replies: 1 comment 1 reply

paulogdm
Mar 6, 2020
Maintainer

jam3sn Mar 8, 2020
Author